Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1EC53C7B2B110583761AB93D9F455B71591D3EB0FCA825BD1E2F8E37A09D9C31F91380A |
|
CONTENT
ssdeep
|
1536:l9+X3yTQWEtBE7PXL9NTxJ8mzXGlty7/d+Y:v+XCLEtB6ZNVXGs |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b033d24cce6d61cd |
|
VISUAL
aHash
|
c7c7c3cfffc3c3ff |
|
VISUAL
dHash
|
8c1f9e1e208e0a00 |
|
VISUAL
wHash
|
008783c3cf83c3ff |
|
VISUAL
colorHash
|
06001000240 |
|
VISUAL
cropResistant
|
8c1f9e1e208e0a00,3371593313131796,1034b4b4b2b43408 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 180 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 10 other scans for this domain